Reviewed-by : Chao Zhang <chao.b.zh...@intel.com> -----Original Message----- From: Chen, Chen A Sent: Thursday, December 7, 2017 2:46 PM To: edk2-devel@lists.01.org Cc: Chen, Chen A <chen.a.c...@intel.com>; Zhang, Chao B <chao.b.zh...@intel.com> Subject: [PATCH] MdeModulePkg/Variable/RuntimeDxe: Modify function return status
Make VariableServiceSetVariable and VariableServiceQueryVariableInfo functions return status following UEFI 2.7 spec. Cc: Zhang Chao <chao.b.zh...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: chenc2 <chen.a.c...@intel.com> --- .../Universal/Variable/RuntimeDxe/Variable.c | 26 ++++++++++++++++------ 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c index f39be6b0b4..d7128fe105 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c @@ -3145,7 +3145,11 @@ VariableServiceSetVariable ( // Make sure if runtime bit is set, boot service bit is set also. // if ((Attributes & (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS)) == EFI_VARIABLE_RUNTIME_ACCESS) { - return EFI_INVALID_PARAMETER; + if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0) { + return EFI_UNSUPPORTED; + } else { + return EFI_INVALID_PARAMETER; + } } else if ((Attributes & VARIABLE_ATTRIBUTE_AT_AW) != 0) { if (!mVariableModuleGlobal->VariableGlobal.AuthSupport) { // @@ -3168,15 +3172,16 @@ VariableServiceSetVariable ( // if (((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) == EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) && ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) == EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)) { - return EFI_INVALID_PARAMETER; + return EFI_UNSUPPORTED; } if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) == EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) { - if (DataSize < AUTHINFO_SIZE) { - // - // Try to write Authenticated Variable without AuthInfo. - // - return EFI_SECURITY_VIOLATION; + // + // If DataSize == AUTHINFO_SIZE and then PayloadSize is 0. + // Maybe it's the delete operation of common authenticated variable at user physical presence. + // + if (DataSize != AUTHINFO_SIZE) { + return EFI_UNSUPPORTED; } PayloadSize = DataSize - AUTHINFO_SIZE; } else if ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) == EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) { @@ -3522,6 +3527,13 @@ VariableServiceQueryVariableInfo ( return EFI_INVALID_PARAMETER; } + if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0) { + // + // Deprecated attribute, make this check as highest priority. + // + return EFI_UNSUPPORTED; + } + if ((Attributes & EFI_VARIABLE_ATTRIBUTES_MASK) == 0) { // // Make sure the Attributes combination is supported by the platform. -- 2.13.2.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel